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Amendments To The Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims : 

1-20. (canceled) 

21. (currently amended) A machine-executed method for verifying the existence of a 
trusted path to a user in a computing system, the computer system including a trusted 
computing environment, the method comprising the following steps conducted in 
sequence: 

(a) upon login by a user, automatically assigning a process identifier to the 
user in the tmsted computing environment; 

(b) storing the assigned process identifier in trusted memory; 

(c) establishing a trusted path between the user and the trusted computing 
environment; 

(d) through the trusted path, displaying the process identifier to the user; 

and 

(e) upon the user's subsequent entry into the trusted computing 
environment, automatically displaying the process identifier to the user through the 
trusted path so that the user is assured that the trusted path has been established. 

22. (previously presented) The method of claim 21, wherein the process identifier is a 
randomly or pseudo-randomly generated group of alphanumeric characters. 

23. (previously presented) The method of claim 21, wherein the process identifier is 
pronounceable. 
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24. (previously presented) An automatic data processing machine programmed to 
execute the method of claim 21. 

25. (previously presented) An automatic data processing machine comprising means 
for performing the method steps of claim 21. 

26. (previously presented) A program storage device readable by a machine and 
tangibly embodying a representation of a program of instructions adaptable to be 
executed by said machine to perform the method of claim 2 1 . 

27. (previously presented) An apparatus for executing a trusted command that is 
issued by a user comprising: 

(a) untrusted parsing means for generating a trusted parsed command; 

(b) trusted means for receiving the trusted parsed command via a trusted 

path; 

(c) means for displaying a representation of the trusted parsed command 
to the user for verification; and 

(d) trusted means for executing the verified trusted parsed command. 

28. (canceled) 

29. (previously presented) The apparatus according to claim 27, v^here the display 
means automatically displays the representation of the trusted parsed command to the 
user for verification. 

30. (currently amended) The apparatus according to claim 27, further comprising: 

means for initially inputting a process identifier by the user; and 

memory for storing the process identifier, wherein the representation of the 

trusted pars e parsed command displayed to the user for verification constitutes the 

process identifier. 
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31. (currently amended) An apparatus for controlling the execution by a machine of a 
trusted command that is issued by a user and that is parsed by untrust e d parsing 
m e ans to g e n e rat e a parsed command , comprising: 

(a) untrusted parsing means for generating a parsed trusted command: 

(a) (b) means, readable by the machine, for causing the machine to receive the 
parsed trusted command from the untrusted parsing means; and 

(b) (c) means, readable by the machine, for causing the machine to execute the 
parsed trusted command. 

32. (currently amended) An apparatus for controlling the execution by a machine of a 
trusted command that is issued by a user with user identification data and that is 
parsed by untrust e d parsing m e ans to g e nerat e a parsed command, comprising: 

( a) untrusted parsing means for generating a parsed trusted command; 

(a) {b} means, readable by the machine, for causing the machine to receive the 
user identification data from the user; 

(b) (c} means, readable by the machine, for causing the machine to receive the 
parsed trusted command from the untrusted parsing means; 

(e) (d) means, readable by the machine, for causing the machine to perform a 
security check on the parsed trusted command and a security check on the user 
identification data; and 

(d) {e} means, readable by the machine, for causing the machine to execute the 
parsed trusted command. 

33. (previously presented) The apparatus according to claim 32, further comprising: 

(1) means, readable by the machine, for causing the machine to display a 
representation of the parsed command to the user; 

(2) means, readable by the machine, for causing the machine to receive a 
signal from the user signifying whether the displayed representation accurately 
represents the trusted command; and 
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(3) means, readable by the machine, for preventing the machine from 
executing the trusted command if the signal signifies that the parsed command does 
not accurately represent the trusted command. 

34. (previously presented) The apparatus according to claim 32, further comprising: 

(1) means, readable by the machine, for causing the machine to display a 
representation of the parsed command to a second user; 

(2) means, readable by the machine, for causing the machine to receive a 
signal from the second user signifying whether the displayed representation 
accurately represents a legitimate command; and 

(3) means, readable by the machine, for preventing the machine from 
executing the trusted command if the signal signifies that the parsed command does 
not accurately represent a legitimate command. 

35. (previously presented) An automatic data processing machine programmed to 
execute the method of claim 22. 

36. (previously presented) An automatic data processing machine programmed to 
execute the method of claim 23. 

37. (previously presented) An automatic data processing machine comprising means 
for performing the method steps of claim 22. 

38. (previously presented) An automatic data processing machine comprising means 
for performing the method steps of claim 23. 

39. (previously presented) A program storage device readable by a machine and 
tangibly embodying a representation of a program of instructions adaptable to be 
executed by said machine to perform the method of claim 22. 



Page 5 of 16 



Application Serial No. 09/515,384 

Reply to Office Action dated January 4, 2005 



40. (previously presented) A program storage device readable by a machine and 
tangibly embodying a representation of a program of instructions adaptable to be 
executed by said machine to perform the method of claim 23. 

41. (new) The apparatus according to claim 27, further comprising: 

means, readable by the machine, for causing the machine to receive a signal 
from the user signifying whether the displayed representation accurately represents 
the trusted command; and 

means, readable by the machine, for preventing the machine from executing 
the trusted command if the signal signifies that the parsed command does not 
accurately represent the trusted command. 
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